Lots of malware have been creating cybercrime, but the old Agent Tesla uses new tricks to be able to stay on top. The Agent Tesla RAT has become one of the most prevalent malware families, being seen in more attacks than even TrickBot or Emotet and only slightly fewer than Dridex. Know more about them in this batch of InfoSec articles.

For more articles, check out our #onpatrol4malware blog.

Agent Tesla

The Biggest Challenges and Best Practices to Mitigate Risks in Maritime Cybersecurity

Source: TripWire

Ships are increasingly using systems that rely on digitalization, integration, and automation, which call for cyber risk management on board. Read more.

Emotet is back… and where are we?

Source: Team Cymru

Emotet has a long history of wreaking havoc across public and private sector networks. While Emotet is more than SPAM alone, as the SPAM messages pick back up, so too do the victim tallies. Read more.

Iranian hacker group becomes first known APT to weaponize DNS-over-HTTPS (DoH)

Source: ZDNet

An Iranian hacking group known as Oilrig has become the first publicly known threat actor to incorporate the DNS-over-HTTPS (DoH) protocol in its attacks. Read more.

Agent Tesla


Source: ic3

An increasing number of victims are being directed to fraudulent websites via social media platforms and popular online search engines. Read more.

Agent Tesla

Playing with GuLoader Anti-VM techniques

Source: Blueliv

A recent research performed by Check Point suggests that GuLoader code is almost identical to a loader named as CloudEye and sold “legitimately” as a protection mechanism for binaries. Read more.

The Expanding Extent of the Blackbaud Ransomware Attack

Source: CYWARE

In May 2020, Blackbaud was hit by a ransomware attack, which the company disclosed in July, and several impacted organizations soon started realizing the impact of that breach. Read more.

Hackers Dump 20GB of Intel’s Confidential Data Online

Source: Threat Post

More than 20 gigabytes of proprietary data and source code from chipmaker Intel Corp. was dumped online by a third party, likely the result of a data breach from earlier this year. Read more.

Trade minister hack led to trade secrets leak before U.K. election

Source: SC Media

The hack of a U.K. trade minister’s email account led to the leak of U.S.-U.K. trade documents and perpetuated a disinformation campaign credited with influencing the 2019 U.K. election. Read more.

Agent Tesla

China targets networks with new Taidoor malware attacks

Source: SC Media

Wielding a new remote access trojan (RAT) dubbed Taidoor, Chinese government-supported hackers are behind a series of cyberespionage campaigns. Read more.

Intel, ARM, IBM, AMD Processors Vulnerable to New Side-Channel Attacks

Source: The Hacker News

The new research explains microarchitectural attacks were actually caused by speculative dereferencing of user-space registers in the kernel. Read more.

Agent Tesla

Twitter users urged to update over Android security flaw

Source: BBC News

Millions of Twitter users will be asked to update their Android app after the company found a security flaw. Twitter said the vulnerability could let other malicious apps access private information such as direct messages. Read more.

Agent Tesla

Agent Tesla | Old RAT Uses New Tricks to Stay on Top

Source: Sentinel LABS

The Agent Tesla RAT has become one of the most prevalent malware families threatening enterprises in the first half of 2020, being seen in more attacks than even TrickBot or Emotet and only slightly fewer than Dridex. Read more.

Color by numbers: inside a Dharma ransomware-as-a-service attack

Source: Sophos

Part of the reason for Dharma’s longevity is that its variants have become the basis for ransomware-as-a-service (RaaS) operations—the fast-food franchise of cybercrime. Read more.

RedCurl cybercrime group has hacked companies for three years

Source: ZDNet

Named RedCurl, the activities of this new group have been detailed in a 57-page report released today by cyber-security firm Group-IB. Read more.